About Fortify Software Security Center User Authentication
By default, when a user logs on to Fortify Software Security Center or uses a Fortify client
Scanner supported by Security Fortify WebInspect Enterprise that connects to WebInspect Enterprise to receive license permissions, updates or scan data, and which also presents a user interface through which scans may be conducted. WebInspect Enterprise controls permissions for a client and also provides the policies used by clients. A client can be configured to upload scan results to WebInspect Enterprise automatically at the completion of the scan or only when specifically instructed by the user. to upload Fortify project results files (FPRs), Fortify Software Security Center uses its database to authenticate the user, and then binds the authenticated user to the user's assigned user role (Administrator, Security Lead, Developer, and so on).
Database‑only authenticationIdentity verification, typically with passwords. Authentication precedes authorization. imposes a separate administrative process for creating and managing Fortify Software Security Center user accounts and roles. The default database‑only authentication methodAn action that a web service performs. For instance, one web service may have one WSDL that contains four operations. Those might be, for example, Update, Create, Delete, and Diagnostic. (Same as operation). can be augmented by using LDAP to authenticate users. Most administrators prefer to augment the Fortify Software Security Center default database‑only authentication with LDAP. LDAP authentication enables a single administrative process to manage user authentication for multiple network entities, including Fortify Software Security Center. You can configure Fortify Software Security Center to augment its native database‑only user authentication with LDAP user authentication.